Are you passionate about cyber security and skilled in leading a team? The Department of Transport and Main Roads is seeking an experienced professional to join our team as a Principal Security Specialist, Cyber Defence (AO7).

In the role of Principal Security Specialist you will provide leadership to team of specialists responsible for Cyber Defence functions including, Cyber Security Incident Response, Cyber Threat Intelligence and Cyber Defence Tools to maximise the delivery of TMR's critical infrastructure services. You will directly contribute to strengthening our cyber security maturity using a combination of identify, protect, detect, response and recover approaches.

Job details

The Cyber Defence team sit within the Information Security Unit in the Information Technology Branch (ITB), TMR. The objectives of the Cyber Defence team protect TMR from cyber security threats. This involves collaboration with a number of teams both within and outside of ITB to uplift TMR's Cyber Security posture and overall to prepare, detect and response to Cyber Security incidents.

About the Role

In the role of Principal Security Specialist you will provide technical leadership to team of specialists responsible for Cyber Defence functions including, Cyber Security Incident Response, Vulnerability Management, Cyber Threat Intelligence and Cyber Defence Tools to maximise the continued delivery of TMR's critical infrastructure services. You will directly contribute to strengthening our cyber security maturity using a combination of identify, protect, detect, response and recover approaches.

Some of your responsibilities will include:

• Plan and lead the day to day operational activities of the team to maintain the security of the organisation, providing advice and operational Cyber Security guidance.
• Lead, mentor and guide the Cyber Defence team in undertaking Operational Cyber Security activities.
• Strengthening security operations across TMR, enhancing monitoring capability and improving overall cyber resilience.
• Manage assessments, review's and implementation of external and internal vulnerability scanning, penetration tests and Cyber Security improvements ensuring identified issues are addressed.
• Undertake incident response planning and coordinate ICT security activities, incident assessment and investigation and reporting on cyber security breaches, ensuring all identified breaches in security are promptly and thoroughly investigated, including determining potential impact, and making recommendations on timely remediation.
• Provide Cyber Security advice and guidance to teams managing ICT assets, undertaking ICT changes and administering ICT platforms to adhere to TMR policy, standards and guidelines, Industry best practice and relevant Industry standards and frameworks.
• Reporting to management regularly on all Cyber Defence activities, including maturity, risk's observed, incident trends, cyber security threats and response activities.
• Identify and coordinate evaluation, deployment and management of current and future security technologies.
• Engage and instruct external service providers on cyber security related activities.

Mandatory qualifications and conditions

• Due to this role having access to sensitive data, a criminal history check will be undertaken prior to appointment to the role.

Requirements of the role

• Demonstrated success in Operational ICT security in enterprise environments.
• Ability to design and implement cybersecurity solutions across diverse systems
• Experience managing teams, strong communication skills and the ability to work with stakeholders, vendors and delivery partners
• Excellent written and verbal communication skills alongside a demonstrated ability to build relationships in a customer facing role
• Demonstrable experience managing a continual improvement program and taking a proactive approach to service delivery
• Extensive knowledge of Cyber Defence technologies, cloud infrastructure, networking, firewalls and ITSM concepts
• Knowledge of standards and frameworks including Essential 8, NIST CSF, IS18 and ISO/IEC 27000 series
• Ability to document and explain technical details clearly and concisely to both technical and non-technical audiences.

Applications to remain current for 12 months

Job Ad Reference: QLD/683672/26

Closing Date: Friday, 10 April 2026

Further information

We are committed to building inclusive cultures in the Queensland public sector that respect and promote human rights and diversity.

Please ensure you download all attachments and follow the instructions on how to apply.

Documents

Before applying for this vacancy please ensure you read the documents below.

• Applicant guide (Word, 618KB)
  
  
  683672 26 Role Description (Word, 576KB)